GHSA-jj94-6f5c-65r8: ZITADEL Allows Unauthorized Access After Organization or Project Deactivation
In Zitadel, even after an organization is deactivated, its associated projects and their applications remain active. Users from other organizations can still log in and gain access through these applications, leading to unauthorized access. Additionally, if a project was deactivated, access to its applications was still possible.